reporter on deadline seeks comment about reported security bug in
dgoodin at sitpub.com
Mon Sep 14 19:45:43 UTC 2009
Dan Goodin, a reporter at technology news website The Register. Security
researcher Przemyslaw Frasunek says versions 6.x through 6.4 of FreeBSD
has a security bug. He says he notified the FreeBSD Foundation on August
29 and never got a response. We'll be writing a brief article about
this. Please let me know ASAP if someone cares to comment.
-------- Original Message --------
Subject: Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer
Date: Sun, 13 Sep 2009 10:49:33 +0200
From: Przemyslaw Frasunek <venglin at freebsd.lublin.pl>
To: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com
References: <4A9028AC.9080902 at freebsd.lublin.pl>
Przemyslaw Frasunek pisze:
> FreeBSD <= 6.1 suffers from classical check/use race condition on SMP
There is yet another kqueue related vulnerability. It affects 6.x, up to
6.4-STABLE. FreeBSD security team was notified on 29th Aug, but there is no
response until now, so I won't publish any details.
Sucessful exploitation yields local root and allows to exit from jail.
you can see demo on:
* Fido: 2:480/124 ** WWW: http://www.frasunek.com ** NICHDL: PMF9-RIPE *
* Jabber ID: venglin at czuby.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ5JIV *
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
More information about the freebsd-questions